Searched refs:jail (Results 1 – 3 of 3) sorted by relevance
31 struct minijail* jail = minijail_new(); in SetupMinijail() local32 if (jail == nullptr) { in SetupMinijail()36 minijail_no_new_privs(jail); in SetupMinijail()37 minijail_log_seccomp_filter_failures(jail); in SetupMinijail()38 minijail_use_seccomp_filter(jail); in SetupMinijail()39 minijail_parse_seccomp_filters(jail, seccomp_policy_path.c_str()); in SetupMinijail()40 minijail_enter(jail); in SetupMinijail()41 minijail_destroy(jail); in SetupMinijail()
110 ScopedMinijail jail(minijail_new()); in drop_privileges() local126 minijail_set_supplementary_gids(jail.get(), arraysize(groups), groups); in drop_privileges()134 minijail_use_caps(jail.get(), CAP_TO_MASK(CAP_SETUID) | CAP_TO_MASK(CAP_SETGID)); in drop_privileges()137 minijail_change_gid(jail.get(), AID_SHELL); in drop_privileges()138 minijail_change_uid(jail.get(), AID_SHELL); in drop_privileges()140 minijail_enter(jail.get()); in drop_privileges()165 minijail_enter(jail.get()); in drop_privileges()
620 ScopedMinijail jail{minijail_new()}; in seccomp_fork_impl() local621 if (!jail) { in seccomp_fork_impl()625 minijail_no_new_privs(jail.get()); in seccomp_fork_impl()626 minijail_log_seccomp_filter_failures(jail.get()); in seccomp_fork_impl()627 minijail_use_seccomp_filter(jail.get()); in seccomp_fork_impl()628 minijail_parse_seccomp_filters_from_fd(jail.get(), tmp_fd.release()); in seccomp_fork_impl()639 std::thread thread([&jail, &thread_ready]() { in seccomp_fork_impl()640 minijail_enter(jail.get()); in seccomp_fork_impl()655 minijail_enter(jail.get()); in seccomp_fork_impl()